Malware integrates anti-debugging mechanism
Fake email from Vodafone to German customers comes from Romanian domainhttp://i1-news.softpedia-static.com/images/fitted/620x348/Aggressive-Phishing-Campaign-Aimed-at-German-Users.jpg A phishing campaign targeting German users relies on emails claiming to be from reputable companies like Vodafone, Telekom and Volksbank to spread malware.
The messages are written in German and purport to deliver an invoice, pointing the recipient to an address where the malicious software sample is hosted.
Researchers at AVG said that the campaign started earlier this year, when it targeted Germany in particular. Recently, though, they have observed that the actors behind it have taken the operation to a higher level and now send the emails to users all over the world.
Download link is unique for each malware version
Interestingly, they did not change the language of the message, so the targets are still German speakers, making the scam easier to detect by all the other recipients.
Full Article